In a nutshell: Windows 11 includes tools to automate repetitive tasks, saving users a lot of time. However, one security researcher says it can also save hackers a lot of time. Microsoft questions the vulnerability of its automation tools, but as usual regarding cybersecurity, human complacency may be the weakest link.

A research firm recently published methods for attackers to hijack automation tools that ship with Windows 11 to distribute malware and steal data across networks. The process comes with some caveats but marks another area of concern for IT security.

The vulnerability centers on Power Automate, a tool Microsoft packages with Windows 11 that lets users automate tedious or repetitive asks across various programs. Users can automatically backup files, convert batches of files, move data between programs, and more, optionally automating actions across groups through a cloud.

Power Automate comes with many pre-made functions, but users can create new ones by recording their actions, which the tool can later repeat. The program could gain widespread use because it requires little-to-no coding knowledge.

Michael Bargury, CTO of security company Zenity, thinks attackers can use Power Automate to more quickly spread malware payloads, explaining how in a June Defcon presentation. He released the code for the attack, called Power Pwn, in August.

https://www.techspot.com/news/95858-security-researchers-successfully-hijack-windows-11-power-automate.html